Category: Advanced Persistent Threat
-
TRACING REGISTRY KEYS
Microsoft uses Tracing keys to trace issues and monitor applications and their execution. The key is located in the following path C:\Windows\system32\Config\SOFTWARE: Microsoft\Tracing . The key as seen in the registry below In the case of the application svchost.exe, I will focus on the RASAPI32 and RASMANCS registry keys located in SOFTWARE: Microsoft\Tracing\svchost_RASAPI32 SOFTWARE: Microsoft\Tracing\svchost_RASMANCS […]
-
Bitcoin Phishing Ring CoinHoarder
Cisco’s Talos Group has published their findings on a Bitcoin theft campaign they have been tracking in the Ukraine. By purchasing Google AdWords, the attackers were able to target specific search terms, such as “blockchain” or “bitcoin wallet”. Potential victims, searching for these terms, would see the cybercriminals’ links in the search results as a […]
-
WannaCry Malware Take Away
The world has experienced a Cyber Attack according to numerous open-source, classified as a ransomware campaign.It created ten of thousands of infections in Over 150 countries including the United States, United Kingdom,Spain, Russia, Taiwan,France and Japan. The software can run in as many as 27 different languages.The piece of code is affecting only Microsoft Windows […]